4 matches found
CVE-2025-32640
CVE-2025-32640 is a stored XSS in the WordPress plugin Ally – Web Accessibility & Usability (One Click Accessibility). The issue affects the One Click Accessibility component up to version 3.1.0 and requires authenticated access (Administrator+) to exploit. The connected Wordfence disclosure list...
CVE-2025-32640 WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor One Click Accessibility allows Stored XSS. This issue affects One Click Accessibility: from n/a through 3.1.0...
CVE-2025-32640 WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Elementor Ally pojo-accessibility allows Stored XSS.This issue affects Ally: from n/a through = 3.1.0...
WordPress One Click Accessibility plugin <= 3.1.0 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability discovered by Ayato Shitomi @ Fore-Z co.ltd in WordPress Plugin Ally versions = 3.1.0...